* Update functions.php
` $_SERVER['REMOTE_ADDR']` was hardcoded in ban lookup instead of `$ip` variable
* Fix information leak in thread.html
Sensitive information can be leaked due to inadequate/absent escaping.
Line 14 is truncating before removing tags, this can cause some tags to be cut and therefore not be removed by the `remove_` functions.
Line 22 is just leaking it all, not removing anything.
* Fixed thread template
`remove_markup` is not available on vichan, arguably it makes things better but it's out of scope for this CHANGE, removing modifiers is enough to stop the info leak
consider adding it again after pulling:
fallenPineapple@a5b3336
also moving truncation before escaping for extra safety
Sensitive information can be leaked due to inadequate/absent escaping, if proxy_save enabled
Line 14 is truncating before removing tags, this can cause some tags to be cut and therefore not be removed by the `remove_` functions.
Line 22 is just leaking it all, not removing anything.
adds an option to use textarea in theme settings.
Merged most Basic, Recent and Frameset theme functions in one.
you can add a video picture icon and quote in the homepage.
@ctrlcctrlv feel free to add suggestions and fix bladly formed code or let me know and I will try to fix.
i installed it on my demo site: https://hikichan.com/
Note: In a previous commit, I began making inc/mod/auth.php more modular with the check_login() function. Including it does NOT check mod login by default anymore like it does on vichan. You have to call check_login(). I've finally included it in inc/functions.php. If you have any custom pages that use inc/mod/auth.php, just including functions.php is enough now.
===================================
Also: backports 351375185e (early 404)
